passwordless-cache-manager

    1.0.1 • Public • Published

    passwordless-cache-manager

    js-standard-style Build Status npm version

    A token store for Passwordless, a node.js module for express that allows website authentication without password using verification through email or other means.

    This store implementation uses node-cache-manager, which supports multiple storage engines.

    Tokens are stored in memory and are hashed and salted using bcryptjs.

    Acknowledgements

    Most of the project scaffolding is lifted from passwordless-memorystore, with modifications specific to using node-cache-manager.

    Usage

    First, install the module:

    $ npm install cache-manager passwordless-cache-manager --save

    Afterwards, follow the guide for Passwordless. A typical implementation may look like this:

    var passwordless = require('passwordless');
     
    var cacheManager = require('cache-manager');
    var CacheManagerStore = require('passwordless-cache-manager');
     
    // Using the built-in memory store as an example. Swap this out with the specific cache-manager storage engine you need
    var memoryStore = require('cache-manager/lib/stores/memory');
     
    passwordless.init(new CacheManagerStore(cacheManager.caching({
      store: memoryStore
    })));
     
    passwordless.addDelivery(
        function(tokenToSend, uidToSend, recipient, callback) {
            // Send out a token
        });
        
    app.use(passwordless.sessionSupport());
    app.use(passwordless.acceptToken());

    Initialization

    var cacheManager = require('cache-manager');
    var CacheManagerStore = require('passwordless-cache-manager');
     
    new CacheManagerStore(cacheManager.caching({
        store: <cache-manager store>,
        // store-related options
    }));

    Hash and salt

    As the tokens are equivalent to passwords (even though they do have the security advantage of only being valid for a limited time) they have to be protected in the same way. passwordless-cache-manager uses bcryptjs with automatically created random salts. To generate the salt 10 rounds are used.

    Tests

    $ npm test

    Debugging

    The debug module is used to log debug statements. It can be enabled via the environment variable:

    DEBUG=passwordless-cache-manager

    License

    MIT License

    Install

    npm i passwordless-cache-manager

    DownloadsWeekly Downloads

    9

    Version

    1.0.1

    License

    MIT

    Last publish

    Collaborators

    • theo.gravity